# Base-image
FROM ruby:2.6.10-slim-bullseye@sha256:3d641979a7dc819b4c253dc62d2f74800817053247005f72b871d164498109df AS base

ARG ATOM_RUBY_VERSION=3.4.5
ARG DEBIAN_REPO
ARG GITHUB_RAW_URL=https://raw.githubusercontent.com
ARG GITHUB_URL=https://github.com
ARG JAVA_VERSION=21.0.8-tem
ARG NODE_20
ARG NODE_VERSION=${NODE_20}
ARG NODEJS_DIST_URL
ARG NPM_REPO
ARG NVM
ARG NVM_VERSION=${NVM}
ARG PIP_CONFIG
ARG RUBY_LANG_URL
ARG RUBYGEMS_REPO
ARG SDKMAN_URL=https://api.sdkman.io/2

ENV ATOM_RUBY_VERSION=$ATOM_RUBY_VERSION \
    BUNDLE_SILENCE_ROOT_WARNING=true \
    JAVA_HOME="/opt/java/${JAVA_VERSION}" \
    JAVA_TOOL_OPTIONS="-Dfile.encoding=UTF-8" \
    JAVA_VERSION=$JAVA_VERSION \
    NVM_DIR="/root/.nvm" \
    PYTHONPATH=/opt/pypi \
    npm_config_build_from_source=true
ENV PATH=${PATH}:/usr/local/bin:/root/.local/bin:/root/.rbenv/bin:${NVM_DIR}/versions/node/v${NODE_VERSION}/bin

COPY ci/images/debian/install.sh /tmp/

RUN set -e; \
    if [ -n "$DEBIAN_REPO" ]; then \
      if [ -f /etc/apt/sources.list ]; then \
        sed -i "s|http://deb.debian.org/debian|$DEBIAN_REPO/debian|g" /etc/apt/sources.list; \
        sed -i "s|http://security.debian.org/debian-security|$DEBIAN_REPO/debian-security|g" /etc/apt/sources.list; \
      fi; \
      if [ -f /etc/apt/sources.list.d/debian.sources ]; then \
        sed -i "s|http://deb.debian.org|$DEBIAN_REPO|g" /etc/apt/sources.list.d/debian.sources; \
      fi \
    fi; \
    if [ -n "$NODEJS_DIST_URL" ]; then \
      export "NVM_NODEJS_ORG_MIRROR=$NODEJS_DIST_URL"; \
      printf "disturl=$NODEJS_DIST_URL\n" >> $HOME/.npmrc; \
    fi; \
    if [ -n "$NPM_REPO" ]; then \
      export "COREPACK_NPM_REGISTRY=$NPM_REPO"; \
      printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO\n" >> $HOME/.npmrc; \
    fi; \
    if [ -n "$PIP_CONFIG" ]; then \
      mkdir $HOME/.pip/; \
      printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
    fi; \
    if [ -n "$RUBYGEMS_REPO" ]; then \
      gem sources --add $RUBYGEMS_REPO/; \
      gem sources --remove https://rubygems.org/; \
      gem sources -c; \
    fi; \
    apt-get update \
 && apt-get install -qq -y --no-install-recommends \
      bash \
      bzip2 \
      curl \
      gawk \
      git-core \
      make \
      unzip \
      zip \
 && apt-get install -qq -y \
      build-essential \
      gcc-10 \
      g++-10 \
      libmagic-dev \
      locales \
      python3 \
      python3-dev \
      python3-pip \
 && gem install bundler -v 1.17.3 \
 && bundle config git.allow_insecure true \
 && chmod +x /tmp/install.sh \
 && SKIP_PYTHON=yes /tmp/install.sh \
 && rm /tmp/install.sh \
 && node -v \
 && npm -v \
 && npm install -g corepack \
 && apt-get purge -y --auto-remove \
      -o APT::AutoRemove::RecommendsImportant=false \
 && rm -rf $HOME/.npmrc $HOME/.pip /var/lib/apt/lists/* \
 && if [ -n "$DEBIAN_REPO" ]; then \
      if [ -f /etc/apt/sources.list ]; then \
        sed -i "s|$DEBIAN_REPO/debian-security|http://security.debian.org/debian-security|g" /etc/apt/sources.list; \
        sed -i "s|$DEBIAN_REPO/debian|http://deb.debian.org/debian|g" /etc/apt/sources.list; \
      fi; \
      if [ -f /etc/apt/sources.list.d/debian.sources ]; then \
        sed -i "s|$DEBIAN_REPO|http://deb.debian.org|g" /etc/apt/sources.list.d/debian.sources; \
      fi \
    fi; \
    if [ -n "$RUBYGEMS_REPO" ]; then \
      gem sources --add https://rubygems.org/; \
      gem sources --remove $RUBYGEMS_REPO/; \
      gem sources -c; \
    fi

CMD ["/bin/bash"]



# cdxgen-image
FROM base AS cdxgen

ENV ATOM_RUBY_HOME=/root/.rbenv/versions/${ATOM_RUBY_VERSION} \
    CDXGEN_GEM_HOME="/tmp/gems" \
    CDXGEN_IN_CONTAINER=true \
    NODE_COMPILE_CACHE="/opt/cdxgen-node-cache" \
    PATH=${PATH}:${PYTHONPATH}/bin:/opt/cdxgen/node_modules/.bin

COPY . /opt/cdxgen

RUN set -e; \
    if [ -n "$DEBIAN_REPO" ]; then \
      if [ -f /etc/apt/sources.list ]; then \
        sed -i "s|http://deb.debian.org/debian|$DEBIAN_REPO/debian|g" /etc/apt/sources.list; \
        sed -i "s|http://security.debian.org/debian-security|$DEBIAN_REPO/debian-security|g" /etc/apt/sources.list; \
      fi; \
      if [ -f /etc/apt/sources.list.d/debian.sources ]; then \
        sed -i "s|http://deb.debian.org|$DEBIAN_REPO|g" /etc/apt/sources.list.d/debian.sources; \
      fi \
    fi; \
    if [ -n "$NODEJS_DIST_URL" ]; then \
      export "NVM_NODEJS_ORG_MIRROR=$NODEJS_DIST_URL"; \
      printf "disturl=$NODEJS_DIST_URL\n" >> $HOME/.npmrc; \
    fi; \
    if [ -n "$NPM_REPO" ]; then \
      export "COREPACK_NPM_REGISTRY=$NPM_REPO"; \
      printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO\n" >> $HOME/.npmrc; \
    fi; \
    if [ -n "$PIP_CONFIG" ]; then \
      mkdir $HOME/.pip/; \
      printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
    fi; \
    cd /opt/cdxgen \
 && corepack enable \
 && corepack pnpm install:prod \
 && corepack pnpm cache delete \
 && npm install -g --omit=dev @appthreat/atom-parsetools@1.0.4 \
 && mkdir -p ${NODE_COMPILE_CACHE} \
 && node /opt/cdxgen/bin/cdxgen.js --help \
 && rbastgen --help \
 && rm -rf ${CDXGEN_GEM_HOME} \
 && mkdir -p ${CDXGEN_GEM_HOME} \
 && rm -rf $HOME/.npmrc $HOME/.pip /root/.cache/node \
 && chmod a-w -R /opt \
 && if [ -n "$DEBIAN_REPO" ]; then \
      if [ -f /etc/apt/sources.list ]; then \
        sed -i "s|$DEBIAN_REPO/debian-security|http://security.debian.org/debian-security|g" /etc/apt/sources.list; \
        sed -i "s|$DEBIAN_REPO/debian|http://deb.debian.org/debian|g" /etc/apt/sources.list; \
      fi; \
      if [ -f /etc/apt/sources.list.d/debian.sources ]; then \
        sed -i "s|$DEBIAN_REPO|http://deb.debian.org|g" /etc/apt/sources.list.d/debian.sources; \
      fi \
    fi

WORKDIR /app

ENTRYPOINT ["node", "/opt/cdxgen/bin/cdxgen.js"]
